{"id":"CVE-2022-49964","summary":"arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level","details":"In the Linux kernel, the following vulnerability has been resolved:\n\narm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level\n\nThough acpi_find_last_cache_level() always returned signed value and the\ndocument states it will return any errors caused by lack of a PPTT table,\nit never returned negative values before.\n\nCommit 0c80f9e165f8 (\"ACPI: PPTT: Leave the table mapped for the runtime usage\")\nhowever changed it by returning -ENOENT if no PPTT was found. The value\nreturned from acpi_find_last_cache_level() is then assigned to unsigned\nfw_level.\n\nIt will result in the number of cache leaves calculated incorrectly as\na huge value which will then cause the following warning from __alloc_pages\nas the order would be great than MAX_ORDER because of incorrect and huge\ncache leaves value.\n\n  |  WARNING: CPU: 0 PID: 1 at mm/page_alloc.c:5407 __alloc_pages+0x74/0x314\n  |  Modules linked in:\n  |  CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-10393-g7c2a8d3ac4c0 #73\n  |  pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n  |  pc : __alloc_pages+0x74/0x314\n  |  lr : alloc_pages+0xe8/0x318\n  |  Call trace:\n  |   __alloc_pages+0x74/0x314\n  |   alloc_pages+0xe8/0x318\n  |   kmalloc_order_trace+0x68/0x1dc\n  |   __kmalloc+0x240/0x338\n  |   detect_cache_attributes+0xe0/0x56c\n  |   update_siblings_masks+0x38/0x284\n  |   store_cpu_topology+0x78/0x84\n  |   smp_prepare_cpus+0x48/0x134\n  |   kernel_init_freeable+0xc4/0x14c\n  |   kernel_init+0x2c/0x1b4\n  |   ret_from_fork+0x10/0x20\n\nFix the same by changing fw_level to be signed integer and return the\nerror from init_cache_level() early in case of error.","modified":"2026-04-03T13:14:44.799789Z","published":"2025-06-18T11:00:29.710Z","related":["SUSE-SU-2025:02264-1","SUSE-SU-2025:02321-1","SUSE-SU-2025:02322-1","SUSE-SU-2025:02537-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49964.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/a754ee1c66bd0a23e613f0bf865053b29cb90e16"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e75d18cecbb3805895d8ed64da4f78575ec96043"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49964.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49964"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"f03d253ba71994b196f342a7acad448a56812a8c"},{"fixed":"a754ee1c66bd0a23e613f0bf865053b29cb90e16"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0c80f9e165f8f9cca743d7b6cbdb54362da297e0"},{"fixed":"e75d18cecbb3805895d8ed64da4f78575ec96043"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49964.json"}}],"schema_version":"1.7.5"}